Method for protecting a computer from the manipulation of register contents and a corresponding computer for carrying out this method

ABSTRACT

For protecting a computer from manipulation of register contents, copies of registers to be protected (6; PC) are created in separate redundancy registers (10 a-10 c). At each instruction execution, the content of the register to be protected is compared with the copy thereof. The instruction is only executed if there is a match of register contents. If there is a mismatch of register contents, this is interpreted as an indication that the content of the register to be protected has been manipulated, and error handling is performed.

[0001] This invention relates to a method for protecting a computer, in particular a microcontroller (μC) or microprocessor (μP), from manipulation of register contents. The invention further relates to a chip card making use of such a method or computer.

[0002] Protection of parts of a computer from manipulation is imperative for expedient use of a computer in many cases of application, for example with chip cards equipped with computers. It is known to protect registers from manipulation by data encryption.

[0003] DE 199 18 620 A1 discloses a method for protecting a computer from manipulation wherein, after execution of each program instruction by a central processing unit, a logic operation is performed on different register contents, in particular an XOR operation, and the result of said operation is stored in a memory; the same operation is performed on the contents of the same registers before execution of the next instruction and the obtained operation result is compared with the previously stored operation result. This method has proved useful.

[0004] The present invention is intended to state an alternative method for protecting a computer of the abovementioned kind.

[0005] For this purpose, the invention provides a method for protecting a computer from manipulation of register contents by creating a copy of the content of a register to be protected and comparing on demand the content of the register to be protected with the copy thereof.

[0006] Comparing on demand means for example in particular that the comparison is performed at each execution of an instruction to detect whether the content of the register to be protected was manipulated in the time period between execution of a previous instruction and the now pending instruction execution. This permits the comparison to be coupled in time with the increment of the program counter whose content defines the instruction sequence to be executed.

[0007] To obtain additional security, it is provided in a preferred embodiment of the invention to store the content of the register to be protected as a copy in a modified form. This prevents certain registers from being recognized by manipulative comparison of register contents and thus the protection being rendered ineffective. The modification does not readily permit a simple comparison of the content of the register to be protected with the copy.

[0008] Modification of the data can be done by bitwise inversion. This gives the copy of the content of the register to be protected the form of the one's complement of the content of the register to be protected. It is advantageous here that the comparison can be performed for example by simply subtracting the copy from the content of the register to be protected. If there is a match the subtraction yields the value zero. A nonzero value means a falsification of data in the register to be protected (or in the copy).

[0009] In one embodiment of the invention, it is provided that the register to be protected and/or the register containing the copy is shielded. Such shielding can be effected for example by indirectly addressing the relevant register.

[0010] As a special embodiment of the invention, a concealment of the physical relations between the register to be protected and the register created for the copy is proposed. Such a concealment can be effected for example by creating the register at a different place from the register to be protected within the semiconductor memory. Creating the register intended for the copy at a place within the semiconductor memory that is separate from the register to be protected can mean an actual spatial separation, but also a virtual or logical separation by modifying the address of the register receiving the copy.

[0011] It is especially preferred to compare the content of the register to be protected and the register receiving the copy using a hardware comparator, alternatively a comparison by microcode. This manner of comparison is especially fast, only negligibly delaying the run during program processing. Comparators for comparing register contents bit by bit are known. As an alternative to this possibility, the register contents to be compared can be tested for a match by subtraction/addition. If the copy is an unmodified version of the content of the register to be protected, normal subtraction is effected. In case of a nonzero result, it is signaled to the central processing unit (CPU) of the computer that there has been manipulation. Special program steps can then be executed to handle this detection of manipulation.

[0012] If an inverted version of the content of the register to be protected is stored in the register created for the copy, the subtraction can be realized simply by merely adding the two register contents.

[0013] In a special embodiment of the invention, the copy of the content of the register to be protected can also be only partly modified. An eight bit long register can for example be divided into two equally long portions of four bits each, so as to store the first part unmodified and the second part inverted as a copy. This special kind of modification is then taken into account in the comparison to be performed.

[0014] The invention furthermore provides a computer in the form of a microcontroller or microprocessor for carrying out the above-described method. Said computer contains a first register memory set with at least one register to be protected, further a second register memory set with at least one redundancy register for receiving the (possibly modified) copy of the register content to be protected, further a comparator for comparing the register contents on demand to initiate handling by the central processing unit of the computer in dependence on the result of comparison.

[0015] Finally, the invention also provides a chip card equipped with such a computer.

[0016] Hereinafter, some embodiments of the invention will be explained in more detail with reference to the drawing, in which:

[0017] FIG. 1 shows a block diagram of a schematized computer with measures for protecting the content of one or more registers from manipulation;

[0018] FIG. 2 shows a block diagram of an apparatus for comparing the contents of a register to be protected and a redundancy register;

[0019] FIG. 3 shows a block diagram of an alternative embodiment to FIG. 2;

[0020] FIG. 4 shows a block diagram of an alternative embodiment to FIG. 2 of a circuit for comparing two register contents.

[0021] FIG. 1 shows a computer schematically in the form of a block diagram. The invention relates specifically to a microcontroller (μC) or microprocessor (μP) but is not limited thereto. A special case of application is the chip card with a chip in which contents of certain registers are to be protected from manipulation.

[0022] According to FIG. 1, a program to be executed is stored in program memory 2 formed as a ROM. An instruction to be executed is read out from program memory 2 dependent on the content of program counter PC 6. The read-out instruction is then in buffer or instruction register 4.

[0023] Program counter 6 is part of a register set in RAM 20. The register set is designated 14 here and comprises besides program counter 6 further registers R1, R2, . . . and stack pointer SP. The further registers besides program counter 6 are designated with reference sign 8 in FIG. 1.

[0024] At a place in RAM 20 that is logically and/or spatially separate from register set 14 there is second register set 12 with, in the present example, three redundancy registers 10 a, 10 b and 10 c. Said redundancy registers 10 a, 10 b and 10 c store copies of the program counter (PC′), register R1 (R1′) and the stack pointer (SP′).

[0025] Control unit 100 (CPU) is connected with program memory 2, RAM 20 and instruction register 4 via control lines, and is furthermore coupled with RAM 20 via a bus connection, shown schematically here in the form of an ABUS connected to the memory area for register set 14, and a BBUS connected to the memory area for register set 12.

[0026] FIG. 2 shows schematically a comparator array for comparing program counter PC in register 6 to be protected with program counter copy PC′ in redundancy register 10 a. The two register contents are subtracted by subtracter 22. The result is zero if there is a match of register contents. A nonzero value signals that there has been manipulation of one or the other register 6, 10 a (or both registers).

[0027] During operation of the computer, program counter PC is compared with its copy PC′ previously stored in redundancy register 10 a before an instruction is read out from program memory 2. Only if there is a match is the read operation of program memory 2 performed or the read-out instruction, which is then in instruction register 4, actually executed. In case of a mismatch of PC and PC′ the execution is blocked and an error routine of little interest here is effected.

[0028] In the embodiment of the comparator according to FIG. 2 it has been assumed that copy PC′ in redundancy register 10 a is an exact copy of PC.

[0029] Alternatively, the copy can also be stored in the form of a modified version of the content of the register to be protected.

[0030] FIG. 3 shows as an example of such a modified copy the storage of a bitwise inverted version of the content of register R1. After each instruction execution the content of R1 is bitwise inverted, indicated schematically here by negator 26, so that the bitwise inverted version of the register content of R1 is stored in redundancy register 10 b as copy R1′. Due to the bitwise inversion, copy R1′ then corresponds to the one's complement of the content of R1. Addition of the two register contents should cause the result of comparison to be zero if there is a match, that is, if there has been no manipulation of a register content.

[0031] FIG. 4 shows a further modification for forming the comparator or creating a copy of the content of a register to be protected, shown again here with reference to register R1. According to FIG. 4, register R1, designated 30 here, is divided into two equally long halves 30 a and 30 b with for example four bits each. As copy R1′ the two content halves of register 30 are adopted unchanged as a partial copy, on the one hand, and bitwise inverted, on the other hand. The content of left register half 30 a is copied unchanged into redundancy register 32, in left half 32 a thereof. The content of right register half 30 b is loaded bitwise inverted into right half 32 b of redundancy register 32, symbolized here by negator 36. Copy R1′ of the content of the register to be protected is accordingly a partly identical and partly bitwise inverted version of the register content to be protected.

[0032] For performing the comparison with the aid of subtracter 40, respective left halves 30 a and 32 a of registers 30 and 32 are subtracted, and the version of the data in right half 32 b of register 32, bitwise inverted again with the aid of negator 34, is subtracted from right half 30 b of register 30. Here, too, there is a match, that is, there has been no manipulation of the register to be protected, only if the result of calculation or comparison yields the result zero.
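The three copy-and-compare schemes of FIGS. 2 to 4, together with the fetch-time check of [0027] on the program counter, modelled in C as an added illustration (this is not code from the patent; it assumes 8-bit registers and the function and struct names are constructed). One caveat the model makes explicit: an n-bit value plus its one's complement is all ones, so the FIG. 3 addition check is realized with a carry-in of 1 (equivalently, comparing the sum against 0xFF) to obtain zero on a match.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* Assumed 8-bit registers throughout (constructed example, not the patent's circuitry). */

/* FIG. 2: exact copy; subtraction (subtracter 22) yields zero only on a match. */
static uint8_t make_copy_exact(uint8_t r) { return r; }
static bool check_exact(uint8_t r, uint8_t copy) { return (uint8_t)(r - copy) == 0; }

/* FIG. 3: one's-complement copy (negator 26). r + ~r is all ones, so adding
 * the two register contents with a carry-in of 1 wraps to zero on a match. */
static uint8_t make_copy_inverted(uint8_t r) { return (uint8_t)~r; }
static bool check_inverted(uint8_t r, uint8_t copy) { return (uint8_t)(r + copy + 1) == 0; }

/* FIG. 4: left half (upper nibble) copied unchanged, right half inverted (negator 36). */
static uint8_t make_copy_split(uint8_t r) {
    return (uint8_t)((r & 0xF0) | ((uint8_t)~r & 0x0F));
}
static bool check_split(uint8_t r, uint8_t copy) {
    uint8_t left  = (uint8_t)((r & 0xF0) - (copy & 0xF0));           /* subtracter 40, left halves */
    uint8_t right = (uint8_t)((r & 0x0F) - ((uint8_t)~copy & 0x0F)); /* negator 34, then subtract */
    return left == 0 && right == 0;
}

/* Minimal CPU with a protected PC and its redundancy register PC' (FIG. 2 scheme). */
struct cpu { uint8_t pc; uint8_t pc_copy; int faults; };

/* One fetch step as in [0027]: compare PC with PC' before the read-out.
 * On a match the instruction "executes" (here: PC advances) and PC' is
 * refreshed; on a mismatch execution is blocked and a fault is counted. */
static bool cpu_step(struct cpu *c) {
    if (!check_exact(c->pc, c->pc_copy)) { c->faults++; return false; }
    c->pc++;
    c->pc_copy = make_copy_exact(c->pc);
    return true;
}

int main(void) {
    struct cpu c = { 0x10, 0x10, 0 };
    cpu_step(&c);                /* normal step: PC 0x10 -> 0x11, PC' refreshed */
    c.pc = 0x80;                 /* constructed fault: PC altered, PC' not refreshed */
    bool ok = cpu_step(&c);      /* mismatch detected: execution blocked */
    printf("pc=0x%02X faults=%d blocked=%d\n", c.pc, c.faults, !ok);
    printf("R1=0x5A split copy=0x%02X\n", make_copy_split(0x5A));
    return 0;
}
```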

CLAIMS

1. A method for protecting a computer, in particular a microcontroller (μC) or microprocessor (μP), from manipulation of register contents, characterized by creating a copy (PC′) of a register (PC) to be protected and comparing on demand the content of the register to be protected and the copy thereof.

2. A method according to claim 1, characterized in that the data of the copy are modified relative to the content of the register to be protected.

3. A method according to claim 2, characterized in that the modification is effected by bitwise inversion of the data.

4. A method according to claim 1, characterized in that the register to be protected and/or the register containing the copy (10 a-10 c) is/are shielded.

5. A method according to claim 4, characterized in that the shielding of the register is effected by indirectly addressing the register.

6. A method according to claim 1, characterized in that a concealment of the physical relations between the register to be protected (6, 8) and the register (10) containing the copy is performed.

7. A method according to claim 6, characterized in that the concealment is effected by creating the register for the copy (PC′) at a place that is virtually or spatially separate from the place of the register to be protected (6, 8).

8. A method according to claim 1, characterized in that the comparison of the contents of the register to be protected and the copy (PC′) is realized a) by means of a hardware comparator (22, 24, 40), or b) by microcode.

9. A method according to claim 1, characterized in that the comparison is performed by bitwise comparison of the data.

10. A method according to claim 1, characterized in that the comparison is performed by subtraction of the register contents.

11. A computer, in particular in the form of a microcontroller or microprocessor, for carrying out the method according to claim 1, characterized by: a first register memory set (14) with at least one register to be protected (6, 8); a second register memory set (12) with at least one redundancy register (10 a-10 c) for receiving a copy of the content of a register to be protected; and a comparator (22, 24, 40) for comparing on demand the contents of the register to be protected and the redundancy register.

12. A computer according to claim 11, characterized in that a control unit (100) controls the comparator to perform the comparison at each instruction execution of the computer.

13. A chip card having a computer according to claim 11.